shotting.cc

DEFCON-1

Programming is simple. High-level languages make for easy access into the world of computing. Once you understand there is a computing 'paradigm' behind most high-level languages, you'll be able to explain things you have not even learned.

Let's start with operators. These are things that handle calls, just like with the phone systems. A call in programming is connecting the IP to a new address, changing the flow of execution.
A call, then, is very simply a term for updating the IP. What is the IP? Well, the IP is the Instruction Pointer.
The IP, therefore, contains the pointer to the next instruction address in RAM. This IP points to addresses in RAM. RAM is Random Access Memory, which is different from ROM and REM. ROM is Read Only Memory, whereas REM stands for Remark.

The RAM addresses usually contain two program segments, a CS and a DS. These date back to Assembler. CS stands for Code Segment, and it is similar to the Data Segment (DS) in that it contains instruction data; however, you cannot make a data segment execute, just as a code segment cannot be read as data. This, however, is not exactly true. In fact, a CS and a DS have Page Table Flags that can be manipulated by the Kernel to flip the bits on a DS to turn it into a CS and vice versa. Also, instructions exist that load a segment of data into RAM and then execute it. These are usually void pointers in C that enable this 'hack'.

Hacks and hacking usually involve getting data (payloads) to execute. A payload is hacking terminology for executable data. These are usually used by hackers/users of Metasploit in overflow attacks. Metasploit is a hacking tool used by l-users or noobs who do not know how to write their own exploits.

An exploit is code that alters the functionality of a computer system. This might mean installing a backdoor. Backdoors are a way of getting back into the system at a later date. Some noobs think backdoors are Trojan programs or any kind of program that opens a port to the outside world. They are sadly mistaken. A true backdoor means introducing into the system (usually NETBIOS for Windflows and SSH for Linux) a programming flaw that will enable an overflow attack at a later date. Overflows are a means of getting back into the system at any point in time by exceeding the recommended number of characters acceptable by, say, a Linux web server, such as Apache. Apache is a Server, which means (following the computer paradigm) a program that 'serves' the user (web pages).